3 matches found
PYSEC-2024-287
Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...
PYSEC-2024-287
Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...
PT-2024-27460 · Matrix · Synapse
Name of the Vulnerable Software and Affected Versions: Synapse versions prior to 1.106 Description: Synapse is an open-source Matrix homeserver. The issue allows an unauthenticated adversary to induce Synapse to download and cache large amounts of remote media, leading to a denial of service. Thi...